Firefly Announces Release of ValidIaC Open Source Solution
March 17, 2022
PRESS RELEASE
TEL AVIV, Israel, March 16, 2022 /PRNewswire/ -- Today, Cloud Asset Management solution Firefly announces the release of a new open-source solution called ValidIaC, which enables DevOps and Cloud Teams to validate, secure, and map Infrastructure-as-Code (IaC) with an all-in-one browser-based tool.
Inspired by Komodor's open-source project ValidKube that combines the best open-source tools to help ensure Kubernetes YAML best practices, Firefly built a sister project for the purpose of Infrastructure-as-Code.
ValidIaC is a new open-source tool that combines several open-source projects and tools to allow developers to check their Terraform HCL (stay tuned for more IaC tools in the near future) code without changing context and from within the same workflow. ValidIaC integrates four popular tools for Terraform to bring the combined value of each tool:
Lint - tflint, A Pluggable Terraform Linter that finds possible errors (like illegal instance types) and warns about deprecated syntax and unused declarations
Security - tfsec uses static analysis of your Terraform templates to spot potential security issues.
Cost - infracost, shows cloud cost estimates for Terraform, before making changes to the cloud.
Mapping - inframap reads your tfstate or HCL to generate a graph specific for each provider, showing only the resources that are most important/relevant.
"Infrastructure-as-Code is changing the way modern organizations are managing their infrastructure. With ValidIaC, developers can move faster but still have confidence when it comes to security, compliance, cost, and reliability," said, Ido Neeman, CEO at Firefly.
ValidIaC makes it possible to leverage the power of four tools in a single place, at any time, directly from your browser to provide DevOps, SRE, and Cloud teams with peace of mind when deploying and managing Terraform blueprints.
"I've seen firsthand the challenges developers have with making sure that their Terraform HCL is aligned with best practices. ValidIaC will make this a simple task that anyone on the team can do, directly from their browser," said, Eran Bibi, Chief Product Officer at Firefly.
ValidIaC is an open-source tool, so community contributors can add more tools or capabilities that will help them and the community. Moreover, Firefly announced that it'll soon introduce support to more Infrastructure-as-Code tools, such as Pulumi, Cloudformation, etc.
You May Also Like
Transform Your Security Operations And Move Beyond Legacy SIEM
Nov 6, 2024Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024